Video: AI will decide when it's the best time to install your next Windows 10 update.
Microsoft has declined to comment on an expert's many complaints about the quality of its recent patches and cadence of Windows 10 feature updates. But it has argued in a blog that it gives admins all the tools they need to test and provide feedback before it releases Patch Tuesday updates.
Microsoft's John Wilcox, who helps promote why organizations should move to Windows 10's Windows-as-a-service model has, at the behest of Windows pros, offered an explanation of its monthly Windows 10 quality update servicing cadence and terminology.
As noted by ZDNet's Ed Bott recently, IT admins who'd spent years learning about Windows Update needed to "prepare to do some unlearning" due to the many changes introduced by Microsoft's shift to a Windows 10-as-a-service model.
"With Windows 10, Microsoft has completely rewritten the Windows Update rulebook. For expert users and IT pros accustomed to having fine-grained control over the update process, these changes might seem wrenching and even draconian," he noted.
Microsoft previously had to support up to five major versions of Windows simultaneously, which didn't mesh so well in a world where new threats emerge at breakneck speed.
So it introduced Windows 10 feature updates -- for example, version 1703 and 1709, along with multiple build numbers like 16299 -- twice a year.
Additionally, it shifted to cumulative monthly 'quality updates', which address security and reliability issues but don't include new features, and nudge a build number like build 16299 to 16299.192, aimed at keeping systems up to date even if previous updates have been missed. These are all delivered via Windows Update.
Separately, Microsoft added another load on admins by replacing its familiar security bulletin index with its new database.
Wilcox outlines that Microsoft's guiding principles to its monthly Windows service updates are built around being "simple and predictable", "agile", and "transparent".
Wilcox doesn't directly address patching expert Bradley's major complaints about Microsoft's patches of late, but said Microsoft's predictability meant IT managers should be able to handle its "simple, regular and consistent patching cadence".
"You should be able to plan a time, well in advance, to work on new updates. You also shouldn't have to memorize multiple release schedules; the Windows release cadence should align with that of other Microsoft products," he writes.
There were 47 known issues in July's Patch Tuesday, the worst of which, argued Bradley, were .NET "side effects" that impacted SharePoint, BizTalk Server middleware, and Exchange.
As she noted, the issues forced people like her to decide whether to install a patch that breaks a system or leaves a machine vulnerable to disclosed flaws.
Wilcox said Microsoft's agility goal is aimed at responding to threats "quickly when required".
"We should also provide you with updates quickly without compromising quality or compatibility," notes Wilcox.
And he insists Microsoft is transparent. "[Y]ou should be able to understand and prepare for updates in advance. This includes guides for common servicing tools, simple release notes, and access to assistance or a feedback system to provide input."
While admins should understand Microsoft's new way of doing things, the company has offered a more detailed brief on its monthly quality updates.
Patch Tuesday fixes, as always, arrive on the second Tuesday of every month, are sometimes known as the 'B release', and are the "most important" of its monthly updates.
Out-of-band releases fall outside Patch Tuesday and are employed when Microsoft urgently needs to fix security bugs or quality issues affecting many devices, for example, when a bug is already being actively exploited. Wilcox says Microsoft has "set a high threshold for releasing them".
Then there are C and D releases, which happen on the third and fourth weeks of the month, respectively.
They're non-security and are meant to allow admins to see and test the planned non-security fixes targeted for the following month's Patch Tuesday release. They're then shipped as part of that month's Patch Tuesday release.
But Wilcox seems to be arguing that IT pros should be doing their bit with Microsoft's D releases, which occur exactly between two months' Patch Tuesdays.
"Due to the sensitive nature of security fixes, Update Tuesday releases must be coordinated internally between our product teams and tested externally with our partners," writes Wilcox.
"Non-security releases do not have this limitation so, for the latest version of Windows 10, we typically release the majority of non-security updates the fourth week of every month, two weeks after the last Update Tuesday and two weeks before the next, in a D release."
During the two-week period between the initial release of a D release and Microsoft's active push to install it on devices, admins can test the updates and provide feedback, says Wilcox, reducing the testing necessary after Update Tuesday and "thereby, improving our ability to solve issues before they even happen".
"In most cases, C and D releases do not need be deployed to your broader device ecosystem. Instead, you can use these releases to identify any issues that could impact your next B deployment and provide feedback," he continues.
"This helps you get a head start on testing and understanding the potential impact of updates and gives you a chance to provide suggestions before those updates are officially released, providing a smoother and more tailored experience when the B release comes around."
And in defense of Microsoft's Patch Tuesday, he notes that it previously caused admins a greater burden when it simply shipped a patch when it was ready.
"It was also a challenge for users, who sometimes had to reboot their computers multiple times a month to apply new updates, rather than just one reboot to apply a cumulative update, the process we use today."
But Microsoft has conceded recently that its efforts to automate updates have created new problems for users and last week announced a new predictive model, so Windows 10 PCs only restart for an update when users have stepped away from work for long enough to begin the process.
In other words, admins should trust Microsoft's patches. Bradley said Microsoft's recent spate of known issues means that, "We do not trust the software and the patching quality enough" to install all updates and patches "immediately without reservation".
Predictably, Wilcox highlights that Microsoft is using AI to improve its deployment process and is using its data to continually retrain its models so the update experience is positive across all devices.
He insists it is meeting its objective of "safe and reliable updates" and only going "as fast as is safe".
Previous and related coverage
In a year of big malware outbreaks, one expert thinks Microsoft's faulty patches and speedy Windows 10 feature updates could be setting its users up for a dangerous situation.
Google's new Chromebook video reminds the world of the worst of Apple and Microsoft computers.
Microsoft is putting together a service aiming to take the pain out of procuring, provisioning and managing Windows 10 devices that it's currently calling the 'Microsoft Managed Desktop.'
Microsoft's predictive model will try to determine whether you've just left for a coffee or have finished for the day so that it can deliver updates without interrupting your work.
Updates for Windows 10 have arrived just a fortnight after Patch Tuesday.
If you're keen to stay in the Skip Ahead group of the Windows 10 Insider tester program, now is the time to act.
If you want to try out bleeding edge builds of Windows 10 here's how to opt into Skip Ahead. But be quick.
Because typing on glass isn't for everyone.